IN THE CLAIMS 
Please amend the claims as follows: 

1. (original) A method of generating an Authorized Domain (AD), 
the method comprising the steps of 

selecting a domain identifier (Domain_ID) uniquely identifying 
the Authorized Domain (100) , 

- binding at least one user (PI, P2 , PN X ) to the domain 
identifier (Domain_ID) , and 

- binding at least one device (Dl, D2 , DM) to the domain 
identifier (Domain_ID) , and 

thereby obtaining a number of devices (Dl, D2 , DM) and a 
number of persons (PI, P2 , PNJ that is authorized to access a 
content item of said Authorized Domain (100) . 

2. (original) A method according to claim 1, characterized in 
that the method further comprises the step of: 

- binding at least one content item (CI, C2 , CN 2 ) to the 
Authorized Domain (AD) given by the domain identifier 

(Domain ID) . 
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3. (currently amended) A method according to claims 1 2- claim 1 , 

characterized in that the step of binding at least one user (Pi, 
P2, PNi) to the domain identifier (Domain_ID) comprises: 

- obtaining or generating a Domain Users List (DUC) comprising 
the domain identifier (Domain_ID) and a unique identifier 
(Pers_IDl, Pers_ID2, Pers_IDN x ) for a user (PI, P2 , PN X ) 
thereby defining that the user is bound to the Authorized 
Domain (10 0) , 

and/or in that 

the step of binding at least one device (Dl, D2 , DM) to the 
domain identifier (Domain_ID) comprises: 

- obtaining or generating a Domain Devices List (DDC) comprising 
the domain identifier (Domain_ID) and a unique identifier 
(Dev.IDl, Dev.ID2, Dev.IDM) for a device (Dl, D2 , DM) 
thereby defining that the device is bound to the domain (100) . 

4. (currently amended) A method according to claims 2 - 3 claim 2 , 
characterized in that the step of binding at least one content item 
(CI, C2, CN 2 ) to the Authorized Domain (AD) comprises: 

- binding a content item (CI, C2 , CN 2 ) to a User Right (URC1, 
URC2, ... URCN 2 ) , where said User Right (URC1, URC2 , ... URCN 2 ) is 
bound to a user (PI, P2 , PN X ) bound to the Authorized 
Domain (100) , and/or 
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- binding a content item (CI, C2 , CN 2 ) to a Device Right 
(DevRC) , where said Device Right (DevRC) is bound to a device 
(Dl, D2, DM) bound to the Authorized Domain (100) . 

5. (currently amended) A method according to claims 2 ■ — 4- claim 2 , 
characterized in that the step of binding at least one content item 
(CI, C2, CN 2 ) to the Authorized Domain (100) comprises: 

- binding a content item (CI, C2 , CN 3 ) to a Domain Right 
(DRC1, DRC2, ... DRCN 2 ) , where said Domain Right (DRC1, DRC2 , ... 
DRCN 2 ) is bound to the Authorized Domain (100) . 

6. (currently amended) A method according to claims 4 or S claim 
4, characterized in that the User Right (URC) or the Device Right 
(DevRC) or the Domain Rights (DRC) comprises rights data (Rghts 
Dat) representing which rights exists in relation to the at least 
one content item (CI, C2 , CN 2 ) bound to the User Right (URC) or 
the Device Right (DevRC) or the Domain Rights (DRC) . 

7. (currently amended) A method according to any one of the 
previous claims claim 1 , characterized in that the method further 
comprises the step of controlling access to a given content item 
bound to the Authorized Domain (100) by a given device being 
operated by a given user, the step comprising: 
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checking if the given user is bound to the same Authorized 
Domain (100) as the given content item, or 

checking if the given device is bound to the same Authorized 
Domain (100) as the given content item, 

and allowing access for the given user via the given device 
and/or other devices to the content item if the given user is bound 
to the same Authorized Domain (100) , 

or allowing access for the given user and/or other users via 
the given device to the content item if the given device is part of 
the same Authorized Domain (100) . 

8. (currently amended) A method according to any one of claims — 1- 

6 claim 1 , characterized in that the method further comprises the 

step of controlling access to a given content item (CI, C2, 
CN 2 ) , being bound to the Authorized Domain (100) and having a 
unique content identifier (Cont_ID) , by a given device being 
operated by a given user comprising: 

- checking if the Domain Devices List (DDC) of the Authorized 
Domain (100) comprises an identifier (Dev. ID) of the given 
device, thereby checking if the given device is bound to the 
same Authorized Domain (100) as the content item, and/or 
checking if the Domain User List (DUC) of the Authorized 
Domain (100) comprises an identifier (Pers_ID) of the given 
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user (PI, P2, PNi) thereby checking if the given user is 

bound to the same Authorized Domain (10 0) as the content item, 

- and allowing access to the given content item (CI, C2 , CN 2 ) 
by the given device (Dl, D2 , DM) for any user if the given 
device is bound to the same Authorized Domain (100) as the 
content item being accessed, and/or 

- allowing access to the given content item (CI, C2 , CN 2 ) by 
any device including the given device for the given user if 
the given user is bound to the same Authorized Domain (100) as 
the content item being accessed. 

9. (currently amended) A method according to claims 7 8 -claim 7 , 

characterized in that the step of controlling access of a given 
content item further comprises: 

- checking that the User Right (URC) for the given content item 
specifies that the given user (PI, P2 , PN X ) has the right 
to access the given content item (CI, C2 , CN 2 ) and only 
allowing access to the given content item (CI, C2, CN 2 ) in 
the affirmative. 

10. (currently amended) A method according to claimo 1 £ claim 

1, characterized in that every content item is encrypted and that a 
content right (CR) is bound to each content item and to a User 
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Right (URC) or a Device Rights (DevRC) or a Domain Rights (DRC) , 
and that the content right (CR) of a given content item comprises 
an decryption key for decrypting the given content item. 

11. (currently amended) A method according to claims 3 3rOclaim 

3, characterized in that 

- the Domain Users List (DUC) is implemented as or included in a 
Domain Users Certificate, and/ or 

- the Domain Devices List (DDC) is implemented as or included in 
a Domain Devices Certificate, and/or 

- the User Right (URC1, URC2 , URCN 2 ) is implemented as or 
included in a User Right Certificate, and/or 

- the Device Right (DevRC) is implemented as or included in a 
Device Right Certificate, and/or 

- the Domain Rights (DRC1, DRC2 , DRCN 2 ) is 
implemented/ included in a Domain Rights Certificate. 

12. (original) A system for generating an Authorized Domain (AD), 
the system comprising: 

- means for obtaining a domain identifier (Domain_ID) uniquely 
identifying the Authorized Domain (100) , 

- means for binding at least one user (PI, P2 , PNi) to the 
domain identifier (Domain_ID) , and 
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- means for binding at least one device (Dl, D2 , DM) to the 
domain identifier (Domain_ID) , and 

thereby obtaining a number of devices (Dl, D2 , DM) and a 
number of persons (PI, P2 , PNi) that is authorized to access a 
content item of said Authorized Domain (100) . 

'13. (original) A system according to claim 1, characterized in 
that the system further comprises: 

- means for binding at least one content item (CI, C2 , CN 2 ) 
to the Authorized Domain (AD) given by the domain identifier 
(Domain__ID) . 

14. (currently amended) A system according to claims 12 ^claim 

12 , characterized in that the means for binding at least one user 
(PI, P2, PN X ) to the domain identifier (Domain_ID) is adapted 
to : 

- obtain or generate a Domain Users List (DUC) comprising the 
domain identifier (Domain_ID) and a unique identifier 
(Pers_IDl, Pers_ID2, Pers_IDNi) for a user (PI, P2 , PN X ) 
thereby defining that the user is bound to the Authorized 
Domain (10 0) , 

and/or in that 
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the means for binding at least one device (Dl, D2 , DM) to 
the domain identifier (Domain__ID) is adapted to: 

- obtain or generate a Domain Devices List (DDC) comprising the 
domain identifier (Domain_ID) and a unique identifier 
(Dev.IDl, Dev.ID2, Dev.IDM) for a device (Dl, D2 , DM) 
thereby defining that the device is bound to the domain (100) . 

15. (currently amended) A system according to claimo 13 1-4- claim 

13 , characterized in that the means for binding at least one 
content item (CI, C2 , CN 2 ) to the Authorized Domain (AD) is 
adapted to: 

- bind a content item (CI, C2 , CN 2 ) to a User Right (URC1, 
URC2, ... URCN 2 ) , where said User Right (URC1, URC2 , ... URCN 2 ) is 
bound to a user (PI, P2 , PNi) bound to the Authorized 
Domain (100) , and/or y 

- bind a content item (CI, C2 , CN 2 ) to a Device Right 
(DevRC) , where said Device Right (DevRC) is bound to a device 
(Dl, D2, DM) bound to the Authorized Domain (100). 

16. (currently amended) A system according to claimo 13 1-5- claim 

13 , characterized in that the means for binding at least one 
content item (CI, C2 , CN 2 ) to the Authorized Domain (100) is 

adapted to: 
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- bind a content item (CI, C2 , CN 3 ) to a Domain Right (DRC1, 
DRC2, ... DRCN 2 ) , where said Domain Right (DRC1, DRC2 , ... DRCN 2 ) 
is bound to the Authorized Domain (100) . 

17. (currently amended) A system according to claims 15 or 
lr-& claim 15 , characterized in that the User Right (URC) or the 
Device Right (DevRC) or the Domain Rights (DRC) comprises rights 
data (Rghts Dat) representing which rights exists in relation to 
the at least one content item (CI, C2 , CN 2 ) bound to the User 
Right (URC) or the Device Right (DevRC) or the Domain Rights (DRC) . 

18. (currently amended) A system according to claims 12 1-^ claim 

JL2, characterized in that the system further comprises means for 
controlling access to a given content item bound to the Authorized 
Domain (100) by a given device being operated by a given user, 
where the means is adapted to: 

- check if the given user is bound to the same Authorized Domain 
(100) as the given content item, or 

check if the given device is bound to the same Authorized 
Domain (100) as the given content item, 

and allow access for the given user via the given device 
and/or other devices to the content item if the given user is bound 
to the same Authorized Domain (100) , 
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or allow access for the given user and/or other users via the 
given device to the content item if the given device is part of the 
same Authorized Domain (100) . 

19. (currently amended) A system according to any one of claims 

^ ^claim 12 , characterized in that the system further comprises 

means for controlling access to a given content item (CI, C2 , 
CN 2 ) , being bound to the Authorized Domain (10 0) and having a 
unique content identifier (Cont_ID) , by a given device being 
operated by a given user, where the means is adapted to: 

- check if the Domain Devices List (DDC) of the Authorized 
Domain (100) comprises an identifier (Dev. ID) of the given 
device, thereby checking if the given device is bound to the 
same Authorized Domain (100) as the content item, and/or 

- check if the Domain User List (DUC) of the Authorized Domain 
(100) comprises an identifier (Pers_ID) of the given user (PI, 
P2, PNJ thereby checking if the given user is bound to the 
same Authorized Domain (100) as the content item, 

- and allow access to the given content item (CI, C2 , CN 2 ) by 
the given device (Dl, D2, DM) for any user if the given 
device is bound to the same Authorized Domain (100) as the 
content item being accessed, and/or 
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- allow access to the given content item (CI, C2 , CN 2 ) by any 
device including the given device for the given user if the 
given user is bound to the same Authorized Domain (100) as the 
content item being accessed. 

20. (currently amended) A system according to claims 18 ■ — S-9- claim 
1_8, characterized in that the means for controlling access of a 
given content item is further adapted to further: 

- check that the User Right (URC) for the given content item 
specifies that the given user (PI, P2, PN X ) has the right 
to access the given content item (CI, C2 , CN 2 ) and only 
allowing access to the given content item (CI, C2 , CN 2 ) in 
the affirmative. 

21. (currently amended) A system according to claims 12 2-0- claim 

12 , characterized in that every content item is encrypted and that 
a content right (CR) is bound to each content item and to a User 
Right (URC) or a Device Rights (DevRC) or a Domain Rights (DRC) , 
and that the content right (CR) of a given content item comprises 
an decryption key for decrypting the given content item. 

22. (currently amended) A system according to claims 2 4 24rclaim 

24, characterized in that 
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- the Domain Users List (DUC) is implemented as or included in a 
Domain Users Certificate, and/or 

the Domain Devices List (DDC) is implemented as or included in 
a Domain Devices Certificate, and/or 

- the User Right (URC1, URC2 , URCN 2 ) is implemented as or 
included in a User Right Certificate, and/or 

- the Device Right (DevRC) is implemented as or included in a 
Device Right Certificate, and/or 

- the Domain Rights (DRC1, DRC2 , DRCN 2 ) is 
implemented/ included in a Domain Rights Certificate. 

23. (currently amended) A computer readable medium having stored 
thereon instructions for causing one or more processing units to 
execute the method according to any one of claims 1 Hrclaiml. 
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